RAID 2004

                    "Intrusion Detection and Society"

                   Seventh International Symposium on
                Recent Advances in Intrusion Detection
      Institut Euricom, Sophia-Antipolis, French Riviera, France
                         September 15-17, 2004

This symposium, the seventh in an annual series, brings together leading
researchers and practitioners from academia, government, and industry to
discuss intrusion detection technologies and issues from the research
and commercial perspectives. The RAID International Symposium series is
intended to further advances in intrusion detection by promoting the
exchange of ideas in a broad range of topics.

For RAID 2004 there is a special theme: the interdependence between
intrusion detection and society. Thus, we will also welcome papers that
address issues that arise when studying intrusion detection, including
information gathering and monitoring, as a part of a larger, not
necessarily purely technical, perspective. For example, the implication
of information gathering and detection technologies on enterprises,
organisations and authorities, as well as legislative and governing
bodies is within scope, but also the impact and restrictions from those
bodies on the design and technology. This would include issues such as
privacy, risk and emergency management, crisis management, security
policies, standardisation and legal issues. An increasingly important
dynamic is the strategic importance of protecting national information
infrastructures, which is in some tension with the fact that much of
this infrastructure is in the private sector. Related to this is the
potential strategic impact of attacks at the intersection of information
and physical infrastructure.

The RAID 2004 program committee invites three types of submissions:

- Full papers presenting mature research results. Papers accepted
  for presentation at the Symposium will be included in the RAID 2004
  proceedings published by Springer Verlag in its Lecture Notes in
  Computer Science (LNCS) series.
  Full papers are limited to 20 pages when formatted according to the
  instructions provided by Springer Verlag. Papers must include an
  abstract and a list of keywords.

- Practical experience reports describing a valuable experience
  or a case study, such as the design and deployment of a system or
  actual experience from intrusion detection or network monitoring.
  These reports are reviewed differently from full papers and do not
  necessarily include fundamental scientific contributions or new
  research ideas.
  Practical experience reports are limited to 12 pages when formatted 
  according to the instructions provided by Springer Verlag. 
  They must include an abstract and a list of keywords.

- Panel proposals for presenting and discussing hot topics in the
  field of intrusion detection systems.
  The panel proposals should include both an outline of the format of
  the panel and a short rationale for the panel. Panels that include
  time for general discussion and questions/answers between the
  panelists and the Symposium attendees are preferred.

All topics related to Intrusion Detection Systems and Technologies
are within scope, including their design, use and maintenance,
integration, correlation and self-protection, just to mention a few.

With reference to this year's theme and extended scope we also invite
papers on the following topics, as they bear on intrusion detection and
the general problem of information security:

   Risk assessment and risk management
   Intrusion tolerance
   Deception systems and honeypots

   Privacy aspects
   Data mining techniques
   Visualization techniques

   Cognitive approaches
   Biological approaches

   Case studies
   Legal issues
   Critical infrastucture protection (CIP)


   General Chair:     Refik Molva>

   Program Chairs:    Erland Jonsson 
                      Alfonso Valdes 

   Publication Chair: Magnus Almgren 

   Publicity Chair:   Yves Roudier 

   Sponsor Chair:     Marc Dacier 


   Tatsuya Baba (NTT Data, Japan)
   Lee Badger (DARPA, USA)
   Sungdeok Cha (KAIST, Korea)
   Steven Cheung (SRI International, USA)
   Herve Debar (France Telecom R&D, France)
   Simone Fischer-H|bner (Karlstad University, Sweden)
   Steven Furnell (University of Plymouth, UK)
   Bill Hutchinson (Edith Cowan University, Australia)
   Dogan Kesdogan (RWTH Aachen, Germany)
   Chris Kruegel (UCSB, USA)
   Hekan Kvarnstrvm (TeliaSonera R&D, Sweden)
   Wenke Lee (Georgia Tech, USA)
   Douglas Maughan (DHS HSARPA, USA)
   Roy Maxion (Carnegie Mellon University, USA)
   John McHugh (CMU/SEI CERT, USA)
   Ludovic Me (Supilec, France)
   George Mohay (Queensland University of Technology, Australia)
   Vern Paxson (ICSI and LBNL, USA)
   Giovanni Vigna (UCSB, USA)
   Andreas Wespi (IBM Research, Switzerland)
   Felix Wu (UC Davis, USA)
   Diego Zamboni (IBM Research, Switzerland)


   Deadline for paper submission                  : March 31, 2004
   Deadline for panel submission                  : April 30, 2004
   Deadline for poster submission                 : August 20, 2004
   Notification of acceptance or rejection        : June 4, 2004
   Final paper camera ready copy                  : July 2, 2004
   RAID conference dates                          : September 15-17, 2004


   Submissions must not substantially duplicate work that any of the authors
   has published elsewhere or has submitted in parallel to any other
   conference or workshop with proceedings. The full papers must list all
   authors and their affiliations; in case of multiple authors, the contact
   author must be indicated (note that RAID does not require anonymized

   Authors are invited to submit their papers electronically. A detailed
   description of the electronic submission procedure is available at Submissions must conform to
   this procedure and be received within the submission deadline in order
   to be considered.

   Each submission will be acknowledged by e-mail. If acknowledgment is not
   received within seven days, please contact RAID 2004's PC Chair

   Poster submissions should be sent as a half-page abstract. For
   submission or practical details, please contact Marc Dacier

   All submissions and presentations must be in English.


   We solicit interested organizations to serve as sponsors for RAID
   2004, particularly in sponsorship of student travel and other
   expenses for RAID. Please contact the Sponsor Chair, Marc Dacier
   , for information regarding corporate
   sponsorship of RAID 2004.


   Detailed registration information (including fees, suggested hotels, and
   travel directions) will be provided at the RAID 2004 web site


   Accepted papers will be published by Springer Verlag in its Lecture
   Notes in Computer Science (LNCS) series. Instructions for authors
   will be provided at the RAID 2004 web site (


   Chair: Marc Dacier (Eurecom, France)

   Hervi Debar  (France Telecom R&D, France)
   Deborah Frincke  (University of Idaho, USA)
   Huang Ming-Yuh  (The Boeing Company, USA)
   Wenke Lee  (Georgia Institute of Technology, USA)
   Ludovic Mi  (Supilec, France)
   S. Felix Wu  (UC Davis, USA)
   Andreas Wespi  (IBM Research, Switzerland)
   Giovanni Vigna  (UCSB, USA)

For further information, please contact the Program Chairs or
the General Chair.